CN117077095A - Authority request response method and device and electronic equipment - Google Patents

Authority request response method and device and electronic equipment Download PDF

Info

Publication number
CN117077095A
CN117077095A CN202311037796.3A CN202311037796A CN117077095A CN 117077095 A CN117077095 A CN 117077095A CN 202311037796 A CN202311037796 A CN 202311037796A CN 117077095 A CN117077095 A CN 117077095A
Authority
CN
China
Prior art keywords
model
data
user
target
data authority
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311037796.3A
Other languages
Chinese (zh)
Inventor
吉庆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Bank Co Ltd
Original Assignee
Ping An Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Bank Co Ltd filed Critical Ping An Bank Co Ltd
Priority to CN202311037796.3A priority Critical patent/CN117077095A/en
Publication of CN117077095A publication Critical patent/CN117077095A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/242Query formulation
    • G06F16/2433Query languages
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The application provides a response method and device of an authority request and electronic equipment, and relates to the technical field of finance, wherein the method is applied to a server; at least one data authority model corresponding to each of a plurality of users is prestored in a server; the method comprises the following steps: receiving a data authority request of a target user; the data authority request carries a model identifier and a user identifier; searching a target data authority model corresponding to a target user according to the user identification and the model identification; generating an SQL conditional script according to the screening condition group in the target data authority model; based on the SQL conditional script, responding to the data authority request of the target user. The application can determine the corresponding data authority model based on the identification carried in the data authority request, and generates the SQL condition script based on the screening condition set configured by the data authority model, thereby completing the data authority response based on the script and improving the flexibility of the data authority control.

Description

Authority request response method and device and electronic equipment
Technical Field
The present application relates to the field of financial technologies, and in particular, to a method and an apparatus for responding to a permission request, and an electronic device.
Background
In the financial field, the data authority refers to the condition configured according to the data authority, so as to realize the control of the visible range of the financial related data for users with different departments or different positions. At present, a set of flexibly configurable data authority system is not used for realizing the data authority configuration of a user or a role, and only menu authorities are used for realizing a simple data authority control function at present, but the menu is used for controlling the data authority, so that a plurality of different menus are required to be established through the menu implementation, and different menus are allocated for different positions, even if the control of the data authority can be simply realized, the labor cost is increased, excessive menus are configured, and the control of the data authority cannot be flexibly realized due to excessive redundancy.
Disclosure of Invention
The application aims to provide a response method, a response device and electronic equipment for a permission request, which can determine a corresponding data permission model based on an identifier carried in the data permission request, generate an SQL (structured query language) condition script based on a screening condition set configured by the data permission model, and further complete data permission response based on the script, so that the flexibility of data permission control is improved.
In a first aspect, the present application provides a method for responding to a permission request, where the method is applied to a server; at least one data authority model corresponding to each of a plurality of users is prestored in a server; the method comprises the following steps: receiving a data authority request of a target user; the data authority request carries a model identifier and a user identifier; searching a target data authority model corresponding to a target user according to the user identification and the model identification; generating an SQL conditional script according to the screening condition group in the target data authority model; based on the SQL conditional script, responding to the data authority request of the target user.
Further, the screening condition group includes: at least one database field, a data query statement corresponding to the database field, and an operation symbol; generating an SQL condition script according to the screening condition group in the target data authority model, wherein the SQL condition script comprises the following steps: aiming at each database field in the screening condition set, searching for a corresponding main data code according to a data query statement corresponding to the database field; and generating the SQL conditional script based on the searched main data codes and the operation symbols.
Further, the server provides a model configuration page; the configuration process of the target data authority model is as follows: responding to a model creation operation in a model configuration page, and generating a first model containing model basic information; the model basic information includes: model identification, application system type, data source type, database field; responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with the preset main data; in response to a user data rights configuration operation for the second model, a target data rights model associated with the user identification of the target user is generated.
Further, the first model further includes: an association control corresponding to each database field; responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with the preset main data, wherein the step comprises the following steps: for each database field, responding to touch operation of an association control corresponding to the database field, and displaying a plurality of associable main data codes corresponding to the database field; and responding to the selection, editing and storage operation aiming at least one target main data code, and obtaining a second model associated with the preset main data.
Further, the editing operation for the target main data encoding includes: a main data name editing operation, a main data type editing operation and a data query statement editing operation.
Further, the server also provides a user management data authority configuration page; a step of generating a target data rights model associated with a user identification of a target user in response to a user data rights configuration operation for the second model, comprising: responding to the selection operation of the application system and the model name in a user management data authority configuration page aiming at the target user, and associating the user identification of the target user with a second pre-configured model; responding to configuration operation of screening conditions in a user management data authority configuration page, and generating a target data authority model containing a screening condition group; the configuration operation of the screening condition comprises the following steps: configuration operations of database fields and configuration operations of operation symbols.
Further, the server also provides a role management data authority configuration page; in response to a user data rights configuration operation for the second model, generating a target data rights model associated with the user identification of the target user, further comprising: responding to the role data authority configuration operation of the second model in the role management data authority configuration page, and generating a third model associated with the role identifier; and responding to the role binding operation aiming at the target user, and binding the role identifier with the user identifier of the target user to obtain a target data authority model associated with the user identifier.
In a second aspect, the present application also provides a response device for the permission request, where the device is applied to the server; at least one data authority model corresponding to each of a plurality of users is prestored in a server; the device comprises: the request receiving module is used for receiving the data authority request of the target user; the data authority request carries a model identifier and a user identifier; the model searching module is used for searching a target data authority model corresponding to the target user according to the user identification and the model identification; the script generation module is used for generating an SQL conditional script according to the screening condition group in the target data authority model; and the request response module is used for responding to the data authority request of the target user based on the SQL conditional script.
In a third aspect, the present application also provides an electronic device comprising a processor and a memory, the memory storing computer executable instructions executable by the processor, the processor executing the computer executable instructions to implement the method of the first aspect.
In a fourth aspect, the present application also provides a computer readable storage medium storing computer executable instructions which, when invoked and executed by a processor, cause the processor to implement the method of the first aspect.
The application provides a response method and device of an authority request and electronic equipment, wherein the method is applied to a server; at least one data authority model corresponding to each of a plurality of users is prestored in a server; firstly, a server receives a data authority request of a target user; the data authority request carries a model identifier and a user identifier; according to the user identification and the model identification, a target data authority model corresponding to a target user can be searched; then generating an SQL condition script according to the screening condition group in the target data authority model; and finally, responding to the data authority request of the target user based on the SQL conditional script. According to the method, the corresponding data permission model can be determined based on the identification carried in the data permission request, the SQL condition script is generated based on the screening condition set configured by the data permission model, and then the data permission response is completed based on the script, so that the data permission control is realized, and the flexibility of the data permission control is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the present application, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for responding to a permission request according to an embodiment of the present application;
FIG. 2 is a flow chart of a model configuration process provided in an embodiment of the present application;
FIG. 3 is a schematic diagram of a model configuration page according to an embodiment of the present application;
FIG. 4 is a schematic diagram of a model configuration page according to an embodiment of the present application;
FIG. 5 is a schematic diagram of an associated main data page according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a user data permission configuration page according to an embodiment of the present application;
FIG. 7 is a block diagram of a device for responding to a permission request according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions of the present application will be clearly and completely described in connection with the embodiments, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In the related art, a menu authority configuration mode is adopted to realize a simple data authority control function, and a plurality of different menus are often required to be distributed aiming at different positions, so that on one hand, the labor cost is increased, on the other hand, the menus are too redundant, and the control of the data authority cannot be flexibly realized. Based on the above, the embodiment of the application provides a response method, a response device and electronic equipment for a permission request, which can determine a corresponding data permission model based on an identifier carried in the data permission request, generate an SQL (structured query language) condition script based on a screening condition set configured by the data permission model, and further complete data permission response based on the script, thereby improving the flexibility of data permission control.
For the sake of understanding the present embodiment, a detailed description will be given of a method for responding to a permission request disclosed in the present embodiment.
Fig. 1 is a flowchart of a method for responding to a permission request, which is provided in an embodiment of the present application, and the method is applied to a server; at least one data authority model corresponding to each of a plurality of users is prestored in a server; each data rights model includes: model name, application system, user identification, model identification, screening condition group; the set of screening conditions is essentially used to screen the database for corresponding data and may include: at least one database field, a data query statement corresponding to the database field, and an operator. The method specifically comprises the following steps:
step S102, receiving a data authority request of a target user; the data authority request carries a model identifier and a user identifier.
In practice, a user may be configured with multiple data authority models, so that when requesting the data authority of the target user, the user identifier and the model identifier need to be provided at the same time.
Step S104, searching a target data authority model corresponding to the target user according to the user identification and the model identification.
Through the user identification, a plurality of data authority models corresponding to the user identification can be determined, and then through the model identification, a target data authority model is determined from the plurality of data authority models.
And S106, generating an SQL condition script according to the screening condition group in the target data authority model.
The set of screening conditions in the model is actually conditions for data screening, including: at least one database field, a data query statement corresponding to the database field, and an operator. The operation symbol comprises: comprises (in); not (not in); equal (=); not equal (+|=).
The process of generating the SQL conditional script is actually as follows: and splicing each condition in the condition group in a recursion mode.
Step S108, responding to the data authority request of the target user based on the SQL conditional script.
In specific implementation, the SQL conditional script can be added into the corresponding service code, and the SQL conditional script in the service code is operated to realize the data authority control of the target user.
The embodiment of the application also provides a response method of the permission request, which can determine the corresponding data permission model based on the identification carried in the data permission request, generate the SQL condition script based on the screening condition set configured by the data permission model, further complete the data permission response based on the script, realize the data permission control and improve the flexibility of the data permission control.
The embodiment of the application also provides another response method of the permission request, which is realized on the basis of the embodiment; the present embodiment focuses on the SQL conditional script generation process and the configuration process of the data authority model.
The above screening condition group includes: at least one database field, a data query statement corresponding to the database field, and an operation symbol; generating an SQL condition script according to the screening condition group in the target data authority model, wherein the SQL condition script comprises the following steps:
aiming at each database field in the screening condition set, searching for a corresponding main data code according to a data query statement corresponding to the database field; and generating the SQL conditional script based on the searched main data codes and the operation symbols.
An example of an SQL conditional script is listed below:
“sql”:(ORG_CD in(8000V,800s,8001,8003,8000,8002)and LINE_CD!=“QH”);
wherein, ORG_CD and LINE_CD are two database fields; in, ++! =, and is an operator; 8000V,800s,8001,8003,8000,8002, "QH" is the main data encoding.
In the embodiment of the application, the configuration process of the data authority model is described in detail as follows:
the server provides a model configuration page; referring to fig. 2, the configuration process of the target data authority model is as follows:
step S202, responding to a model creation operation in a model configuration page, and generating a first model containing model basic information; the model basic information includes: model identification, application type, data source type, database field.
Referring to fig. 3, an example of configuring an accounting report data query authority model is described, where a model name, a unique identifier (i.e., a model identifier), an application system, a state, a data source type, and database fields (such as line_cd and org_cd) of the model are configured in a configuration page.
Step S204, responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with the preset main data.
The first model further includes: an association control corresponding to each database field; responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with the preset main data, wherein the step comprises the following steps:
for each database field, responding to touch operation of an association control corresponding to the database field, and displaying a plurality of associable main data codes corresponding to the database field; and responding to the selection, editing and storage operation aiming at least one target main data code, and obtaining a second model associated with the preset main data. The editing operation for the target main data encoding includes: a main data name editing operation, a main data type editing operation and a data query statement editing operation.
Referring to fig. 4, after clicking the corresponding association control for a certain database field, a page of the associated main data is displayed, where the page includes a plurality of selectable main data codes and corresponding names, and in implementation, the selection of the main data codes may be performed according to actual situations. In addition, the associated main data can be edited, as shown in fig. 5, the codes, names, types and SQL can be edited, and the main data association process of the database field can be completed.
In the embodiment of the application, a data authority model is created according to a specific application system, and the model comprises a model name, an application system, a data source type, a configured field name and a main data code associated with the field. The field configured here can be understood as a key in the where condition, and the main data encoding can be understood as a value in the where condition.
Step S206, responding to the user data authority configuration operation aiming at the second model, and generating a target data authority model associated with the user identification of the target user.
In the concrete implementation, the server also provides a user management data authority configuration page; a step of generating a target data rights model associated with a user identification of a target user in response to a user data rights configuration operation for the second model, comprising:
responding to the selection operation of the application system and the model name in a user management data authority configuration page aiming at the target user, and associating the user identification of the target user with a second pre-configured model; responding to configuration operation of screening conditions in a user management data authority configuration page, and generating a target data authority model containing a screening condition group; the configuration operation of the screening condition comprises the following steps: configuration operations of database fields and configuration operations of operation symbols.
Referring to fig. 6, a function of configuring data authority of a user and a character is added, the data authority of the user or the character is configured, three data visible ranges exist, and all the configured data can be visible; the data is totally invisible and some conditions are visible. When configured such that a partial condition is visible, then a set of data visible conditions needs to be created. The 'organization code' here corresponds to the name of the database field in fig. 3. The operation symbol corresponds to the operation symbol in the SQL conditional script, and can be selected to comprise (in); not (not in); equal (=); not equal (+|=); and then the main data configured by the model field is used for encoding and inquiring and selecting the condition group value of the user or the role. Thus, the configuration of the data authority of the user or the role is completed. The whole row is the same as the organization and is the result of inquiring based on the main data codes associated with the fields.
It should be noted that, although the database fields, such as the two fields of line_cd and org_cd, are already set in the foregoing first model configuration, when the filtering condition is configured later, one of the fields may be selected for the condition configuration, and of course, both the fields may also be selected for the condition configuration.
Further, the server also provides a role management data authority configuration page; in response to a user data rights configuration operation for the second model, generating a target data rights model associated with the user identification of the target user, further comprising:
responding to the role data authority configuration operation of the second model in the role management data authority configuration page, and generating a third model associated with the role identifier; and responding to the role binding operation aiming at the target user, and binding the role identifier with the user identifier of the target user to obtain a target data authority model associated with the user identifier.
That is, in the embodiment of the present application, the data authority model configuration may be performed in the user management configuration page in the foregoing manner, or the model may be configured under the role first (the configuration of the model for the role is similar to the configuration process for the user, and may be completed in the role management page, which is not described herein again), and then the role is given to the user, so that the configuration of the data authority may be implemented in two different manners.
After the condition group is configured by the model, the module needing to control the data authority can directly call the interface, two parameters of 'model Key' (unique model identifier) and 'um' (user identifier) are transmitted, the background can inquire the condition group in the data authority model configured by the user, and each condition in the condition group is spliced in a recursion mode, so that the SQL condition script, namely the where condition script, is obtained.
In the response method of the permission request provided by the embodiment of the application, the permission control is realized by the configuration mode of the data permission model, and the data permission scheme is applicable to a plurality of application systems, so that the development is simplified and the redundant code is reduced on the basis of the data permission control. And the configuration mode of the data authority configuration of the roles is more flexible, and the caller only needs to call the provided interface for acquiring the data authority condition groups to acquire the SQL condition scripts of the condition groups, and the SQL condition scripts are spliced in the corresponding business logic codes, so that the development efficiency is improved, and the response efficiency of the authority requests is improved.
Based on the method embodiment, the embodiment of the application also provides a response device of the permission request, and the device is applied to the server; at least one data authority model corresponding to each of a plurality of users is prestored in a server; referring to fig. 7, the apparatus includes:
a request receiving module 72, configured to receive a data authority request of a target user; the data authority request carries a model identifier and a user identifier; the model searching module 74 is configured to search a target data authority model corresponding to the target user according to the user identifier and the model identifier; the script generation module 76 is configured to generate an SQL condition script according to the set of screening conditions in the target data authority model; a request response module 78 for responding to the data rights request of the target user based on the SQL conditional script.
Further, the screening condition group includes: at least one database field, a data query statement corresponding to the database field, and an operation symbol; the script generating module 76 is configured to, for each database field in the screening condition set, find a corresponding main data code according to a data query statement corresponding to the database field; and generating the SQL conditional script based on the searched main data codes and the operation symbols.
Further, the server provides a model configuration page; the device further comprises: the model configuration module is used for executing the following configuration process of the target data authority model: responding to a model creation operation in a model configuration page, and generating a first model containing model basic information; the model basic information includes: model identification, application system type, data source type, database field; responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with the preset main data; in response to a user data rights configuration operation for the second model, a target data rights model associated with the user identification of the target user is generated.
Further, the first model further includes: an association control corresponding to each database field; the model configuration module is used for responding to touch operation of the association control corresponding to the database field aiming at each database field, and displaying a plurality of associable main data codes corresponding to the database field; and responding to the selection, editing and storage operation aiming at least one target main data code, and obtaining a second model associated with the preset main data.
Further, the editing operation for the target main data encoding includes: a main data name editing operation, a main data type editing operation and a data query statement editing operation.
Further, the server also provides a user management data authority configuration page; the model configuration module is used for responding to the selection operation of the application system and the model name in the user management data authority configuration page aiming at the target user, and associating the user identification of the target user with a second pre-configured model; responding to configuration operation of screening conditions in a user management data authority configuration page, and generating a target data authority model containing a screening condition group; the configuration operation of the screening condition comprises the following steps: configuration operations of database fields and configuration operations of operation symbols.
Further, the server also provides a role management data authority configuration page; the model configuration module is used for responding to the role data authority configuration operation of the second model in the role management data authority configuration page and generating a third model associated with the role identifier; and responding to the role binding operation aiming at the target user, and binding the role identifier with the user identifier of the target user to obtain a target data authority model associated with the user identifier.
The device provided by the embodiment of the present application has the same implementation principle and technical effects as those of the foregoing method embodiment, and for the sake of brief description, reference may be made to the corresponding content in the foregoing method embodiment where the device embodiment is not mentioned.
The embodiment of the present application further provides an electronic device, as shown in fig. 8, which is a schematic structural diagram of the electronic device, wherein the electronic device includes a processor 81 and a memory 80, the memory 80 stores computer executable instructions that can be executed by the processor 81, and the processor 81 executes the computer executable instructions to implement the following steps:
receiving a data authority request of a target user; the data authority request carries a model identifier and a user identifier; searching a target data authority model corresponding to a target user according to the user identification and the model identification; generating an SQL conditional script according to the screening condition group in the target data authority model; based on the SQL conditional script, responding to the data authority request of the target user.
Further, the screening condition group includes: at least one database field, a data query statement corresponding to the database field, and an operation symbol; generating an SQL condition script according to the screening condition group in the target data authority model, wherein the SQL condition script comprises the following steps: aiming at each database field in the screening condition set, searching for a corresponding main data code according to a data query statement corresponding to the database field; and generating the SQL conditional script based on the searched main data codes and the operation symbols.
Further, the server provides a model configuration page; the configuration process of the target data authority model is as follows: responding to a model creation operation in a model configuration page, and generating a first model containing model basic information; the model basic information includes: model identification, application system type, data source type, database field; responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with the preset main data; in response to a user data rights configuration operation for the second model, a target data rights model associated with the user identification of the target user is generated.
Further, the first model further includes: an association control corresponding to each database field; responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with the preset main data, wherein the step comprises the following steps: for each database field, responding to touch operation of an association control corresponding to the database field, and displaying a plurality of associable main data codes corresponding to the database field; and responding to the selection, editing and storage operation aiming at least one target main data code, and obtaining a second model associated with the preset main data.
Further, the editing operation for the target main data encoding includes: a main data name editing operation, a main data type editing operation and a data query statement editing operation.
Further, the server also provides a user management data authority configuration page; a step of generating a target data rights model associated with a user identification of a target user in response to a user data rights configuration operation for the second model, comprising: responding to the selection operation of the application system and the model name in a user management data authority configuration page aiming at the target user, and associating the user identification of the target user with a second pre-configured model; responding to configuration operation of screening conditions in a user management data authority configuration page, and generating a target data authority model containing a screening condition group; the configuration operation of the screening condition comprises the following steps: configuration operations of database fields and configuration operations of operation symbols.
Further, the server also provides a role management data authority configuration page; in response to a user data rights configuration operation for the second model, generating a target data rights model associated with the user identification of the target user, further comprising: responding to the role data authority configuration operation of the second model in the role management data authority configuration page, and generating a third model associated with the role identifier; and responding to the role binding operation aiming at the target user, and binding the role identifier with the user identifier of the target user to obtain a target data authority model associated with the user identifier.
In the embodiment shown in fig. 8, the electronic device further comprises a bus 82 and a communication interface 83, wherein the processor 81, the communication interface 83 and the memory 80 are connected by the bus 82.
The memory 80 may include a high-speed random access memory (RAM, random Access Memory), and may further include a non-volatile memory (non-volatile memory), such as at least one magnetic disk memory. The communication connection between the system network element and at least one other network element is implemented via at least one communication interface 83 (which may be wired or wireless), and may use the internet, a wide area network, a local network, a metropolitan area network, etc. Bus 82 may be an ISA (Industry Standard Architecture ) bus, a PCI (Peripheral Component Interconnect, peripheral component interconnect standard) bus, or EISA (Extended Industry Standard Architecture ) bus, among others. The bus 82 may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, only one bi-directional arrow is shown in FIG. 8, but not only one bus or type of bus.
The processor 81 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 81 or by instructions in the form of software. The processor 81 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; but also digital signal processors (Digital Signal Processor, DSP for short), application specific integrated circuits (Application Specific Integrated Circuit, ASIC for short), field-programmable gate arrays (Field-Programmable Gate Array, FPGA for short) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory, and the processor 81 reads the information in the memory, and in combination with its hardware, performs the steps of the method of the previous embodiment.
The embodiment of the application also provides a computer readable storage medium, which stores computer executable instructions that, when being called and executed by a processor, cause the processor to implement the above method, and the specific implementation can refer to the foregoing method embodiment and will not be described herein.
The method, the apparatus and the computer program product of the electronic device provided in the embodiments of the present application include a computer readable storage medium storing program codes, where the instructions included in the program codes may be used to execute the method described in the foregoing method embodiment, and specific implementation may refer to the method embodiment and will not be described herein.
The relative steps, numerical expressions and numerical values of the components and steps set forth in these embodiments do not limit the scope of the present application unless it is specifically stated otherwise.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a non-volatile computer readable storage medium executable by a processor. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
In the description of the present application, it should be noted that the directions or positional relationships indicated by the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc. are based on the directions or positional relationships shown in the drawings, are merely for convenience of describing the present application and simplifying the description, and do not indicate or imply that the devices or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and thus should not be construed as limiting the present application. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
Finally, it should be noted that: the above examples are only specific embodiments of the present application, and are not intended to limit the scope of the present application, but it should be understood by those skilled in the art that the present application is not limited thereto, and that the present application is described in detail with reference to the foregoing examples: any person skilled in the art may modify or easily conceive of the technical solution described in the foregoing embodiments, or perform equivalent substitution of some of the technical features, while remaining within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. A response method of a permission request, wherein the method is applied to a server; at least one data authority model corresponding to each of a plurality of users is prestored in the server; the method comprises the following steps:
receiving a data authority request of a target user; the data authority request carries a model identifier and a user identifier;
searching a target data authority model corresponding to the target user according to the user identification and the model identification;
generating an SQL conditional script according to the screening condition group in the target data authority model;
and responding to the data authority request of the target user based on the SQL conditional script.
2. The method of claim 1, wherein the set of screening conditions comprises: at least one database field, a data query statement corresponding to the database field, and an operation symbol; and generating an SQL conditional script according to the screening condition group in the target data authority model, wherein the SQL conditional script comprises the following steps:
searching a corresponding main data code according to a data query statement corresponding to the database field aiming at each database field in the screening condition group;
and generating an SQL conditional script based on the searched main data code and the operation symbol.
3. The method of claim 1, wherein the server provides a model configuration page; the configuration process of the target data authority model is as follows:
responding to the model creation operation in the model configuration page, and generating a first model containing model basic information; the model basic information comprises: model identification, application system type, data source type, database field;
responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with preset main data;
a target data rights model associated with the user identification of the target user is generated in response to a user data rights configuration operation for the second model.
4. A method according to claim 3, wherein the first model further comprises: an association control corresponding to each database field; responding to the associated main data operation aiming at the database field in the first model, and obtaining a second model associated with preset main data, wherein the step comprises the following steps:
for each database field, responding to touch operation of an association control corresponding to the database field, and displaying a plurality of associable main data codes corresponding to the database field;
and responding to the selection, editing and storage operation aiming at least one target main data code, and obtaining a second model associated with the preset main data.
5. The method of claim 4, wherein the editing operation for the target main data encoding comprises: a main data name editing operation, a main data type editing operation and a data query statement editing operation.
6. A method according to claim 3, wherein the server also provides a user management data rights configuration page; responsive to a user data rights configuration operation for the second model, generating a target data rights model associated with a user identification of a target user, comprising:
responding to the selection operation of an application system and a model name in a user management data authority configuration page aiming at a target user, and associating the user identification of the target user with a second pre-configured model;
responding to configuration operation of screening conditions in a user management data authority configuration page, and generating a target data authority model containing a screening condition group; the configuration operation of the screening condition comprises the following steps: configuration operations of database fields and configuration operations of operation symbols.
7. A method according to claim 3, wherein the server also provides a role management data rights configuration page; responsive to a user data rights configuration operation for the second model, the step of generating a target data rights model associated with a user identification of a target user, further comprises:
responding to role data authority configuration operation of the second model in a role management data authority configuration page, and generating a third model associated with the role identifier;
and responding to role binding operation aiming at a target user, and binding the role identifier with the user identifier of the target user to obtain a target data authority model associated with the user identifier.
8. A response device for a rights request, wherein the device is applied to a server; at least one data authority model corresponding to each of a plurality of users is prestored in the server; the device comprises:
the request receiving module is used for receiving the data authority request of the target user; the data authority request carries a model identifier and a user identifier;
the model searching module is used for searching a target data authority model corresponding to the target user according to the user identifier and the model identifier;
the script generation module is used for generating an SQL conditional script according to the screening condition group in the target data authority model;
and the request response module is used for responding to the data authority request of the target user based on the SQL conditional script.
9. An electronic device comprising a processor and a memory, the memory storing computer-executable instructions executable by the processor, the processor executing the computer-executable instructions to implement the method of any one of claims 1 to 7.
10. A computer readable storage medium storing computer executable instructions which, when invoked and executed by a processor, cause the processor to implement the method of any one of claims 1 to 7.
CN202311037796.3A 2023-08-16 2023-08-16 Authority request response method and device and electronic equipment Pending CN117077095A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311037796.3A CN117077095A (en) 2023-08-16 2023-08-16 Authority request response method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311037796.3A CN117077095A (en) 2023-08-16 2023-08-16 Authority request response method and device and electronic equipment

Publications (1)

Publication Number Publication Date
CN117077095A true CN117077095A (en) 2023-11-17

Family

ID=88718895

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311037796.3A Pending CN117077095A (en) 2023-08-16 2023-08-16 Authority request response method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN117077095A (en)

Similar Documents

Publication Publication Date Title
CN115309566B (en) Dynamic management method and system for service interface
CN111506579B (en) Method, program and equipment for generating intelligent contract code
CN104715309A (en) Service control method and device
CN111984239A (en) Page configuration method, device, server and storage medium
CN112527414A (en) Front-end-based data processing method, device, equipment and storage medium
CN110851207B (en) State transition management method and device, electronic equipment and storage medium
CN111488095A (en) User login management method and device
CN109213782B (en) Search interface configuration and display method and device and communication equipment
CN112486492A (en) Page generation method and device, storage medium and electronic equipment
CN112667638A (en) Dynamic report generation method and device, terminal equipment and readable storage medium
CN110968311B (en) Front-end page construction method and device and electronic equipment
CN117077095A (en) Authority request response method and device and electronic equipment
CN113919948B (en) Data updating method and device, electronic equipment and storage medium
CN112241412B (en) Tree structure table generation method and device and electronic equipment
CN114996554A (en) Database query method and device, storage medium and electronic equipment
CN112068895B (en) Code configuration method, device, video playing equipment and storage medium
CN114443781A (en) Method and device for generating enterprise guarantee map
CN114528010A (en) Data processing method and device, electronic equipment and storage medium
CN112445461A (en) Business rule generation method and device, electronic equipment and readable storage medium
CN114398226A (en) Network asset report generation method and device
CN110018844B (en) Management method and device of decision triggering scheme and electronic equipment
CN112988215A (en) Method and device for realizing evaluation rule and evaluating user data and electronic equipment
CN113220762A (en) Method, device, processor and storage medium for realizing general record processing of key service field change in big data application
CN112749159A (en) Form generation method and device, electronic equipment and storage medium
CN117472372B (en) Responsive form construction method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination